Online Social Networks: Threats and Solutions Survey

Michael Fire, Roy Goldschmidt, and Yuval Elovici

Telekom Innovation Laboratories at Ben-Gurion University of the Negev

The Knesset Research and Information Center



Abstract 

Online social network users are unaware of the numerous security 
risks that exist in these networks, which can include privacy violations, 
identity theft, and sexual harassment, just to mention a few. Accord- 
ing to recent studies, many online social network users readily expose 
personal and intimate details about themselves, such as relationship 
status, date of birth, school name, email, phone number, and even 
home addresses. This information, if it falls into the wrong hands, can
be used to harm users, both in the virtual and in the real world. These 
risks become more severe when the users are children. In this paper we 
present a thorough survey on the different security and privacy risks 
which threaten the well-being of online social network users in gen- 
eral and children in particular. In addition, we present an overview 
of existing solutions that can provide better protection, security, and 
privacy for online social network users. 

Keywords. Online Social Networks, Security and Privacy, Online 
Social Networks Security Threats, Online Social Networks Security So- 
lutions. 



mickyfi@bgu.ac.il
rgoldshmidt@knesset.gov.il
elovici@bgu.ac.il

1 Introduction

In recent years global online social network usage has increased sharply
as these networks become interwoven into the everyday lives of people as
places to meet and communicate with others. Online social networks, such
as Facebook, Twitter, LinkedIn, QZone, Vkontakte, Pinterest, and
FourSquare, have hundreds of millions of daily active users. Facebook, for
example, has more than one billion monthly active users, 543 million of which 
are monthly mobile Facebook users as of October 2OI4J. 

Facebook users have on average 138 friends and create around 90 pieces
of content each month. Unfortunately, many online social network users
are unaware of the many security risks which exist in these types of
communications, including privacy risks 13 |3^, identity theft [Tj,
malware |^, socialbots [8, 9, 12], and sexual harassment [40, 42], among
others. According to recent studies [H [8], many online social network users
expose personal and intimate details about themselves, their friends, and
their personal relations, such as date of birth, profile pictures, school
name, work place, phone number, email address, and even home addresses.
Moreover, according to Boshmaf et al. [8], Facebook users have been shown to
accept friendship requests from people who they do not know but who share
several friends in common. By accepting these friend requests, users
unknowingly disclose their private information to total strangers. This
information, if it falls into the wrong hands, can be used to harm users,
both in the virtual and in the real world. These risks become more severe
when the users are teenagers or children who are by nature more exposed and
vulnerable than adults. As the use of social networks becomes progressively
more embedded into the everyday lives of users, personal information becomes
easily exposed and abused. Information harvesting, by both the social
network operator itself and by third party commercial companies, has
recently been identified as a security concern for online social network
users. Companies can use the harvested personal information for a variety of
purposes, all of which can jeopardize a user's privacy. For example,
companies can use collected private information in order to tailor online
ads according to a user's profile [38] or even to derive valuable insights
about their customers. These insights may include general information, such
as age, gender, and income; however, in some cases, more personal
information can be exposed, such as the user's sexual orientation [31].
These privacy issues become more severe when considering the nature of
social networks. By collecting data on a user's friends, one can infer the
user's personal details even without direct access to the original user's
personal information [30].

http://www.facebook.com/
http://twitter.com/
http://www.linkedin.com/
http://qzone.qq.com/
http://vk.com/
http://pinterest.com/
http://foursquare.com/
http://vincos.it/world-map-of-social-networks/
http://newsroom.fb.com/

To cope with the above mentioned threats, a variety of solutions have
been offered by social network operators, security companies, and academic
researchers. Social network operators, like Facebook, attempt to protect
their users by adding authentication processes to ensure that the registered
user is a real person [8]. Moreover, many social operators also support a
configurable user privacy setting that enables users to protect their
personal data from other users in the network [21, 26]. As for privacy
settings, social networks currently face a conflict of interest; as personal
information is a commodity, the more we share, the better. However, on the
other hand, a user concerned with privacy is a liability and will probably
share less information and become less active. Nevertheless, both regulating
authorities and public groups try to keep privacy concerns as a part of the
public discourse and
consideration j^. Today there are additional protection mechanisms which 
include defenses against spammers, fake profiles [13], and other threats. For
example, security companies like Checkpoint, Websense, and UnitedParents
offer social tools to protect users in the online social network world.
These companies usually offer products which monitor user activity in order
to identify and protect users from different threats. The modern day threat
is so pervasive that even the academic community has addressed this issue
by publishing studies which attempt to provide solutions for different social
network
threats and improvements in identity protection |10| [39| [T3| [TSl [T9l [TS] . 

The remainder of the paper is organized as follows. In Section 2 we
introduce some interesting statistics on online social network usage. In
Section 3 we describe different types of online social network threats. In
Section 4 we describe different types of solutions which can assist in
protecting online social network users. Lastly, in Section 5 we present our
conclusions.



http://blog.twitter.com/2010/03/state-of-twitter-spam.html
http://www.checkpoint.com/
http://www.websense.com/
http://www.unitedparents.com/

2 Online Social Networks Usage

While some experts insist that online social networks are a passing fashion
and will eventually be replaced by another internet fad, current user
statistics indicate that social networks are here to stay. In 2011, the
Nielsen report [32] revealed that Americans spend 22.5% of their time online
on social networks and blogs, more than twice the time spent on online games
(9.8%). Other common and basic online activities that consume less of
Americans' time include: emails (7.6%); portals (4.5%); videos and movies
(4.4%); and even search and instant messaging at 4% and 3.3%, respectively.
Facebook's dominance of social networks in the U.S. prevails with 140 million
unique monthly visitors as of May 2011, reaching 70% of active U.S. internet
users. Other social networks which draw fewer users in the States are Twitter
with 23.6 million unique visitors, MySpace with 19.2 million, and Linkedin
with 17.7 million unique visitors. The amount of collective time spent on
social networks, especially on Facebook, is enormous and ever growing. U.S.
users spent a total of 53.5 billion minutes on Facebook during May 2011, 17.2
billion minutes on Yahoo, and 12.5 billion minutes on Google. Mobile
devices or cellular phones also serve as platforms for internet usage statis- 
tics. The Nielsen report suggested that almost 2 out of 5 social media users 
access online social networks from mobile devices. Social applications are 
the third most used type of application by Smartphone users who download 
applications. It should be noted that the use of social networks on mobile 
devices not only allows for an even "closer relation" to social media but can 
also pose more privacy concerns, especially around the issues of collection of 
location data and opportunities for advertisers to identify specific types of 
users. 

2.1 Children in Online Social Networks 

A comprehensive study [23] carried out in 2010 in 25 European states with
25,000 participants reported the following statistics: 60% of children 9-16
years old who use the internet use it daily (88 minutes of use on average),
and 59% of 9-16 year olds who use the internet have a personal social network
site
profile (26% of 9-10 year olds; 49% of 11-12 year olds; 73% of 13-14 year 
olds; 82% of 15-16 year olds). Note that the terms of use in most online 
social networks do not allow users under the age of 13. Furthermore, 26% of 
the children studied in the European study had their online social network's 
profile set to "public" (e.g., accessible to strangers); 14% reported having 
their address or phone number listed on their profile; and 16% reported that 
their profiles display an inaccurate age. Details of the study revealed that 
30% of the children surveyed reported they had an internet connection with 
a person they had never met face to face; 9% reported meeting face to face 
with someone who they only had an online connection with; 9% reported 
experiencing a misuse of personal data; 21% reported coming across one or 
more types of potentially harmful user generated content, and 6% reported 
they had been sent malicious or hurtful messages on the internet. These 
findings reiterate our previous claim; the use of online social networks is em- 
bedded in the everyday lives of children and youth, and results in personal 
information being somewhat exposed, misused, and possibly abused. Inter- 
estingly, about a third of the parents in this European study claimed that 
they filter their children's use of the internet, while a quarter stated that 
they use monitoring tools. 

http://www.myspace.com/
http://www.yahoo.com/



3 Threats 



With the increasing usage of online social networks, users have unknowingly
become exposed to many different types of threats, both to their privacy and
to their security. These threats can be divided into two main categories. The
first category relates to classical privacy and security threats, namely,
threats that jeopardize not only social network users but non-social network
internet users as well (see Table 1). The second category concerns modern
social network threats, namely, threats that are mostly unique to the
environment of online social networks and which use the social network
infrastructure to threaten user privacy and security (see Table 2). Further
complicating the situation is the fact that today's attackers can, and often
do, combine these two types of attacks in order to create a more
sophisticated and lethal attack. In the remainder of this section we present,
in detail, each one of these types of threats (see Sections 3.1 and 3.2). We
furthermore give special focus to the urgent issues of trust and threats to
children in these types of networks (see Section 3.3).



3.1 Classical Threats 

Classical threats can take the form of malware, XSS attacks, or even phish- 
ing (among others). Though these issues have been addressed in the past, 
due to the structure and nature of online social networks, they have recently 
become viral and have begun to spread more quickly between network users. 
Classical threats can take advantage of a user's personal information pub- 
lished in a social network in order to attack not only the user, but also their 
friends, simply by adjusting the threat to the user's personal information. 
For example, an attacker can plant a Trojan inside an attractive spam mes- 
sage that contains a user's details from the user's Facebook profile. Due to 
the personal nature of this crafted message, the chances that the innocent
user will open the message and get infected are high. In many cases, these
threats target essential and everyday user resources, such as credit card
numbers, account passwords, computing power, and even computer bandwidth
(in order to send spam emails). In Table 1 we illustrate the different
classical threats and real life scenarios where these types of threats
jeopardized a real user's privacy and security.
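
Added example (not from the paper): XSS, one of the classical threats named above, becomes a worm in a social network when profile content supplied by one user is executed in other users' browsers. The Python code below renders constructed profiles first without and then with output encoding; the field names, sample profiles and function names are assumptions made for illustration.

```python
# Added example: rendering user-supplied profile fields of a hypothetical
# social network page, first unsafely and then with output encoding.
import html
from urllib.parse import urlsplit

ALLOWED_URL_SCHEMES = {"http", "https"}

TEMPLATE = ('<div class="profile"><h1>{name}</h1><p>{bio}</p>'
            '<a href="{website}">website</a></div>')


def render_profile_unsafe(profile):
    """Vulnerable: every viewer's browser parses the field values as markup."""
    return TEMPLATE.format(**profile)


def safe_url(value):
    """Return value if it is an absolute http(s) URL, otherwise '#'."""
    value = value.strip()
    parts = urlsplit(value)
    if parts.scheme.lower() in ALLOWED_URL_SCHEMES and parts.netloc:
        return value
    return "#"


def render_profile(profile):
    """Hardened: encode text for HTML and allowlist the link scheme.

    Escaping alone is not enough for the href attribute: a javascript: URL
    contains no character that html.escape changes, so the scheme is checked.
    """
    return TEMPLATE.format(
        name=html.escape(profile["name"]),
        bio=html.escape(profile["bio"]),
        website=html.escape(safe_url(profile["website"]), quote=True),
    )


# Constructed sample profiles: markup in a text field, a script URL, and an
# attempt to break out of the href attribute.
SAMPLE_PROFILES = [
    {"name": "Alice", "bio": "<script>alert(1)</script>",
     "website": "https://alice.example/"},
    {"name": "Bob", "bio": "hello", "website": "javascript:alert(1)"},
    {"name": "Carol", "bio": "hi",
     "website": 'https://carol.example/" onmouseover="alert(1)'},
]

if __name__ == "__main__":
    for p in SAMPLE_PROFILES:
        print(render_profile_unsafe(p))
        print(render_profile(p))
```

The hardened renderer treats the text context and the URL attribute context separately, which is why the second and third sample profiles are neutralized as well as the first.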



Table 1: Classical Online Social Network Threats 



Threat: Malware
Description: Malicious software developed to disrupt a computer operation in
order to collect a user's credentials and gain access to their private
information. Malware in social networks uses the social network structure in
order to spread itself between users and their friends in the social network.
Example: Koobface was the first malware to successfully propagate through
social networks. This malware succeeded in attacking users in many different
online social network sites, such as Facebook, MySpace, and Twitter. Upon
infection, Koobface attempts to collect login information and join the
infected computer to a botnet [6].


Threat: Phishing Attacks
Description: A form of social engineering to acquire a user's sensitive and
private information by impersonating a trustworthy third party. A recent
study [3] showed that users interacting on a social networking website are
more likely to fall for phishing scams due to their social and trusting
nature. Moreover, in recent years, phishing attempts in social networks
increased sharply. According to the Microsoft Security Intelligence Report
volume 10, 84.5% of all phishing attacks targeted social network sites.
Example: In 2009, Facebook stopped a phishing attack that lured users onto
fake Facebook login pages. The phishing attack spread between Facebook users
by inviting the users' friends to click on a link posted on the original
user's wall [29].



http://www.microsoft.com/security/sir/default.aspx



Threat: Spammers
Description: Spammers are users who use electronic messaging systems in order
to send unwanted messages, such as advertisements, to other users. Online
social network spammers use the social network platform in order to send
advertisement messages to other users by creating fake profiles [1^. The
spammers can also use the social network platform to add comment messages to
pages which are viewed by many users in the network.
Example: Twitter, a directed online social network, suffered from a massive
amount of spam. In August 2009, 11% of Twitter messages were spam messages.
However, in the beginning of 2010, Twitter successfully cut down the
percentage of spam messages to 1%.


Threat: Cross-site scripting (XSS)
Description: A cross-site scripting (XSS) attack is an attack against web
applications. The attacker who uses the XSS attack exploits the trust of the
web client in the web application and causes the web client to run malicious
code capable of collecting sensitive information. Online social networks,
which are types of web applications, also suffer from XSS attacks.
Furthermore, attackers can use an XSS vulnerability combined with the social
network infrastructure to create an XSS worm that spreads virally between the
social network users p4].
Example: In April 2009, an XSS worm called Mikeyy rapidly spread across
Twitter and infected many users, among them celebrities like Oprah Winfrey
and Ashton Kutcher. The Mikeyy worm used an XSS vulnerability and the Twitter
infrastructure to spread between Twitter user profiles [33].






Threat: Internet Fraud
Description: Internet fraud, also known as cyber fraud, refers to the usage
of internet access to scam or take advantage of people. In the past, con
artists used traditional social networks, such as group weekly meetings, in
order to establish strong bonds with their potential victims. In recent
years, according to the NASAA, with the gaining popularity of online social
networks, con artists have turned to online social networks in order to
establish trust connections with their victims and now operate using personal
data published in the victim's online profiles.
Example: Fraudsters have been hacking into the accounts of Facebook users who
travel abroad in order to log in to the user's account and ask the user's
friends for assistance in transferring money to the scammer's bank account.
One victim of this type of fraud was Abigail Pickett. While travelling in
Colombia, Abigail discovered that her account had been hijacked by someone in
Nigeria and was used to send requests for money to friends on the pretext
that she was "stranded" [1].



3.2 Modern Threats 

Modern social network threats are the second type of threat and are mostly
unique to the environment of online social networks. These threats use
the social network infrastructure to collect and expose personal information
about a user and their friends and have even successfully lured users
into clicking on specific malicious links. This type of threat can include
socialbots [8, 9, 12], inference attacks [30], de-anonymization attacks [41],
link reconstruction attacks [15], clickjacking [25], sybil attacks,
socwares [34], malicious Facebook applications [35], and clone and identity
theft attacks [20], just to mention a few (see Table 2). Usually, these
threats target a user's personal information as well as the personal
information of their friends. Today's attackers can also combine these two
types of attacks in order to create a more sophisticated attack. For example,
an attacker can use a Trojan in order to collect a user's Facebook password
and post messages on their behalf in order to lure the user's trusting
friends into installing the hidden virus onto their own computers. Another
example is using cloned profiles to collect personal information about the
cloned user's friends. Using the friends' personal information the attacker
can send crafted spam email containing a virus. Due to the usage of personal
information, the virus is more likely to be activated. The recovery processes
for these two types of threats are very distinct from each other. In order to
recover from a classical attack, like a virus, in most cases it is possible
to simply reinstall the operating system, change the current passwords, and
cancel the affected credit cards. However, in order to recover from a modern
social network attack that "steals your reality" [2], more effort must be
invested due to the fact that changing personal information is very time
consuming and not always 100% possible. For example, you can change your
email address but it takes a significantly greater amount of effort to change
your home address.

http://www.nasaa.org/5568/informed-investor-advisory-social-networking/



Table 2: Modern Online Social Network Threats 



Threat: Clickjacking
Description: Malicious techniques which trick the user into clicking on
something different from what they intended to click. By using clickjacking,
the attacker can trick the user into posting spam messages on their Facebook
wall, unknowingly liking links (also referred to as likejacking), and even
opening a user's microphone and web camera to record the user [25].
Example: In 2009, Twitter was plagued by a clickjacking "Don't click"
attack. The attacker tweeted a link with the message "Don't click" along with
a masked URL. When Twitter users clicked on the "Don't click" message, the
message automatically spread virally and was posted onto their Twitter
account [28].


Threat: De-anonymization attacks
Description: In many online social networks, like Twitter and MySpace, users
can protect their privacy and anonymity by using pseudonyms.
De-anonymization attacks use information about the user's social network,
such as network topology and user group memberships, to uncover the user's
real identity.
Example: Wondracek et al. [41] presented a method to de-anonymize users in
social networks by using only the user's group memberships. They tested their
method on the Xing social network and succeeded in uniquely identifying 42%
of the users.






Threat: Socialbots
Description: Socialbots are automatic or semiautomatic fake profiles that
mimic human behaviors in online social networks. In many cases, socialbots
aim to harvest user personal data from social networks. By initiating friend
requests to other users in the social network, who in many cases accept, the
socialbots can also harvest the user's private data which is exposed to the
user's friends only.
Example: In their study, Boshmaf et al. [8] created an army of more than a
hundred Facebook socialbots which attempted to infiltrate innocent Facebook
profiles by initiating a series of friend requests to innocent Facebook
users. The socialbot army succeeded in generating approximately 250GB of
inbound traffic from Facebook. Moreover, the socialbots' friend acceptance
rates were up to 80% when the socialbot and the innocent Facebook user had
more than eleven friends in common.


Threat: Clone identity attacks
Description: In this type of attack, attackers duplicate a user's online
presence in the same network or across different networks in order to deceive
the cloned user's friends into forming a trusting relationship with the
cloned profile. The attacker can use this trust in order to collect personal
information on the user's friends or to perform different types of online
fraud.
Example: Recently, the Facebook profile of NATO's most senior commander,
Admiral James Stavridis, was cloned and used to collect details on defense
ministry officials and other government officials by tricking them into
becoming friends with the cloned Facebook profilep)].


Threat: Inference attacks
Description: Inference attacks in online social networks are used to predict
a user's personal sensitive information that the user chooses to disclose,
such as religious affiliation and sexual orientation. These types of attacks
can be implemented by using different data mining techniques combined with
publicly available social network data, such as network topology and the
data of the user's friends.
Example: Mislove et al. [30] presented techniques for predicting a user's
attributes based on other users' attributes in the social network. They
tested their techniques and inferred different Facebook users' attributes,
such as educational information, tastes, preferences, and geographic
information.






Threat: Socwares
Description: Socwares are fake and possibly damaging posts and messages from
friends in social networks. Socwares may lure in their victims by offering
false rewards to users who install the socwares' related malicious Facebook
applications or visit the socwares' questionable website. After the user has
visited the socwares' website or installed the relevant application, they
unknowingly end up sending socware messages or posts to their friends,
essentially assisting the socwares' viral spread [34].
Example: Rahman et al. [34] studied over 40 million posts and discovered that
49% of studied users were exposed to at least one socware post in four
months. In addition, Rahman et al. discovered that 13% out of 111,000 studied
applications were malicious applications [35] that can assist in spreading
socwares.


Threat: Organizational Data Mining
Description: By collecting data from online social network users who are
employed in a targeted organization, an attacker can reconstruct the
organization's social network structure and infer many insights about the
targeted organization, its structure, and employee positions inside the
organization.
Example: Recently, Fire et al. [16] presented an algorithm for reconstructing
the social network of a targeted organization based on publicly available
data from the online social network. Fire et al. tested their algorithm on
six organizations of different scales based on publicly available data from
the organizations' employee Facebook profiles. They successfully
reconstructed the organization's social networks and identified hidden
leadership roles inside the organization.



3.3 Trust and Children's Safety in Online Social Networks 

Another aspect of online social network threats concerns the issue of trust.
Recent studies illustrate that online social network users tend to trust their
friends in the network. In many cases, this trust can lead to additional ways
of communication and even to face-to-face encounters [40]. The current
concern regarding trusting social network friends is that in some cases, the
said friend's profile is really a mask for sinister intentions. For example,
Facebook recently estimated that around 8.7% of its users, more than 83
million profiles, are fake or duplicate accounts. These duplicate accounts
can be
part of a socialbot army used by a third party company to collect data on 
social network users. Disturbingly, other cases can include profiles used by 
child predators in order to lure their next victim. The greatest concern for 
the personal information safety of children is reflected in the growing concern 
for internet pedophiles, also referred to as online predators. Livingstone and 
Haddon [22] of EU Kids Online defined a typology in order to understand
the risk and harm related to the following online activities: online harm from 
content (child's exposure to pornography or harmful sexual content); harm 
from contact (a child who is contacted by an adult or another child for the 
purposes of sexual abuse); and harm from conduct (the child as an active 
initiator of abusive or risky behaviors). Behaviors considered to be internet
sexual exploitation of children include adults using children for the produc- 
tion of child pornography and its distribution; consumption of child porn; 
and the use of the internet as a means to initiate online or offline sexual ex- 
ploitation. In their study from 2008, Wolak et al. [iQ] critically examined the 
myth and reality of the so called online predator. The image of net preda- 
tors in the media is of an adult man seducing and tempting innocent young 
boys and girls through the collection of personal data and impersonation of 
youngsters, all the while hiding their sexual intentions until the actual meet- 
ing, which likely involves rape or kidnapping. According to Wolak et al., the 
truth is far more complex. Wolak et al. assert that most internet initiated 
sex crimes indeed start with establishing a relationship between an adult and 
a child through the use of instant messaging, emails, chats, etc. However, in 
most cases children are aware of the fact that they are talking to an adult and 
by attending a real life meeting, they are aware and to some extent expect to
engage in sexual activity. More often than not, the encounter involves non 
forcible sexual activity, yet it is with a person under the age of consent and 
therefore still constitutes a crime. Contrary to the common notion, in most 
cases victims of internet initiated sex crimes were youth (aged 13-17) and 
none under 12 were reported. Therefore, these crimes do not constitute the 
clinical definition of pedophilia: "the fantasy or act of sexual activity with 
prepubescent children". In accordance with the European study mentioned 
above, Wolak et al. maintain that risky net behaviors and specific popu- 
lations who are more exposed to them can be identified. Potentially risky 
behaviors can include communication with strangers; use of chat rooms for 
communication with strangers; sexually explicit talk with strangers; giving 
private information and photos to strangers, etc. It should be noted that 
each of the above mentioned behaviors by itself does not necessarily pose a
risk, but the combination of a few of these behaviors can pose an enormous
liability to child safety. An additional finding of the Wolak et al. study is
that there is a well-established link between online and offline behaviors.
Researchers contend that victims of internet abuse are very often vulnerable
children, such as youths with a history of physical or sexual abuse or youths
who suffer from depression or social interaction problems. Children living in
these kinds of environments are all at a higher risk of sexual abuse on the
internet or through internet initiated encounters.

http://www.sec.gov/Archives/edgar/data/1326801/000119312512325997/d371464d10q.html

4 Solutions 

In recent years, social network operators, security companies, and academic 
researchers have tried to deal with the above mentioned threats through a 
variety of solutions. In this section we describe in detail different types of 
proposed solutions which can assist in protecting the security and privacy of 
online social networks users. 

4.1 Online Social Network Operators 

Online social network operators attempt to protect their users against the
above mentioned threats by activating several security and privacy
mechanisms. One of those mechanisms is the addition of authentication
processes, such as CAPTCHA, to ensure that the registered user is a real
person [8]. Another mechanism is supporting a configurable user privacy
setting that enables users to protect their personal data from other users in
the network [27, 21]. Additional protection mechanisms include defense
against spammers, fake profiles, scams, and other threats. For example,
Facebook protects its users from malicious attacks and information gains by
activating the Facebook Immune System (FIS). The FIS is described as an
adversarial learning system that performs real-time checks and
classifications on read and write actions on Facebook's database [36]. In
addition, some online social network operators attempt to protect their child
and teenage users from harassment by adding the option to report abuse or
policy violations by other users in the network. In some countries, social
networks like Facebook and Bebo also added a "Panic Button" to better protect
children and teenagers [5].

4.2 Software Solutions 

In recent years, different commercial and open source products have begun
to offer online social network users tools for better protecting themselves
against different security and privacy threats which exist in online social
networks. The different available software and application protection
solutions are presented in detail in Table 3.

https://www.facebook.com/report/



Table 3: Software Security and Privacy Solutions 



Solution: Checkpoint's ZoneAlarm SocialGuard
Description: SocialGuard is desktop software which assists Facebook users
in protecting themselves. According to a software website, the SocialGuard
software can identify suspicious links and phishing scams in Facebook,
suspicious friend requests, and hacking into Facebook accounts. The software
can also assist parents in protecting their children by alerting them about
suspicious activities in their child's account and identifying when the child
is being cyberbullied.
License: Annual license fee


UnitedParents 
Child Protec- 
tion Service^^ 


The UnitedParents Child Protection 
Service assists parents in protect- 
ing their children by monitoring and 
tracking children's activity in online 
social networks and identifying sus- 
picious patterns in their children's 
online profiles. This service can as- 
sist in identifying and reporting to 
the child's parents when the child 
is approached by strangers or cyber- 
bullied. 


Free 


Websense De- 
fensio Web 
Servic^ 


The Defensio web service assists 
in protecting social network users 
against different threats, like links to 
malware that can be posted on the 
user's Facebook page. The Defensio 
service also assists in controlling the 
user's published content, such as re- 
moving specific words from posts or 
filtering specific comments. 


Free (for personal use) 



http : / /www . zonealarm . com/sec ur ity/en-us/zoneal arm- social guard- facebook-parental- control .htmj 
,http : / / www ■ websense . com^ 



14 



Social Privacy 
ProtectoJ^ 


The social privacy protector is a 
Firefox Addon and a Facebook ap- 
plication which aims to improve 
the user's privacy on Facebook |13). 
The software provides users with 
three protection layers. The first 
layer identifies the user's friends who 
might pose a threat and then re- 
stricts the "friend's" exposure to the 
user's personal information. The 
second layer is an expansion of Face- 
book's basic privacy settings based 
on different types of social network 
usage profiles. The third layer alerts 
the user about the number of in- 
stalled applications on their Face- 
book profile that have access to their 
private information. 


Free 


Content Watch 
Net Nannjifl 


Net Nanny is a parental-control soft- 
ware which assists parents in pro- 
tecting their children from harmful 
content. Net Nanny lets parents 
monitor their children's social me- 
dia activity on different online so- 
cial networks websites, such as Face- 
book, Twitter, and Flickr. 


Annual license fee 


MyPageKeeper 


MyPageKeeper, a Facebook appli- 
cation that was developed in or- 
der to protect Facebook users from 
socware [34j. 


Free 



4.3 Academic Solutions 

In recent years, several published studies have attempted to propose solu- 
tions to different social networks threats. De-Barr and Wechsler [10] used 
the graph centrality measure to predict whether a user is likely to send spam 
messages. Wang proposed a method to classify spammers on Twitter by 
using content and social network graph properties [39]. Stringhini et al. |37] 
created more than 300 fake profiles (also referred as "honey-profiles") on 

■^■^http : //www. socialprotector . net | 
^"^ http: //www.netnanny ■ com/. 



15 



three online social networks sites, Twitter, Facebook, and MySpace and suc- 
cessfully identified spammers who sent spam messages to the fake profiles. 
Lee et al |19) . also presented a method for detecting social spammers of 
different types by using honeypots combined with machine learning algo- 
rithms. In 2011, Kontaxis et al. |18) proposed a methodology for detecting 
social network profile cloning. They designed and implemented a prototype 
which can be employed by users and assists in investigating whether users 
have fallen victim to clone attacks. Rahman et al. p4j presented the My- 
PageKeeper Facebook application which aim to protect Facebook users from 
damaging posts on the user's Facebook wall. In addition, Rahman et al. also 
presented the Facebook's Rigorous Application Evaluator (FRAppE) appli- 
cation for detecting malicious applications on Facebook Recently, Fire 
et. al. |14) presented an algorithm for identifying malicious profiles by using 
the social network's own topological features. They evaluated their methods 
on three directed online social networks. 
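
As an added illustration of the topology-based detection idea surveyed above (not code from this paper or from the cited studies), the following Python sketch flags profiles in a directed network whose outgoing links are rarely returned and whose contacts rarely know each other. The feature set, thresholds, profile names, and sample edges are assumptions constructed for this example.

```python
from itertools import combinations

# Constructed sample of directed (sender, target) links; not real data.
EDGES = [
    # two groups of mutual friends, bridged by carol and dave
    ("alice", "bob"), ("bob", "alice"), ("alice", "carol"), ("carol", "alice"),
    ("bob", "carol"), ("carol", "bob"), ("dave", "erin"), ("erin", "dave"),
    ("dave", "frank"), ("frank", "dave"), ("erin", "frank"), ("frank", "erin"),
    ("carol", "dave"), ("dave", "carol"),
    ("gina", "hank"), ("hank", "gina"),
    # x_promo contacts users from unrelated groups; only gina links back
    ("x_promo", "alice"), ("x_promo", "erin"), ("x_promo", "gina"),
    ("x_promo", "hank"), ("gina", "x_promo"),
]

def build(edges):
    """Return (out_links, in_links) adjacency sets for every profile."""
    out, inc = {}, {}
    for sender, target in edges:
        for node in (sender, target):
            out.setdefault(node, set())
            inc.setdefault(node, set())
        out[sender].add(target)
        inc[target].add(sender)
    return out, inc

def features(node, out, inc):
    """Topological features of one profile (assumed feature set)."""
    targets = out[node]
    k = len(targets)
    # share of outgoing links that are returned by the target
    reciprocity = len(targets & inc[node]) / k if k else 0.0
    # share of target pairs that are linked to each other in either direction
    pairs = list(combinations(sorted(targets), 2))
    linked = sum(1 for a, b in pairs if b in out[a] or a in out[b])
    density = linked / len(pairs) if pairs else 0.0
    return {"out_degree": k, "reciprocity": reciprocity, "target_density": density}

def flag_suspicious(edges, min_out=3, max_recip=0.34, max_density=0.34):
    """Profiles with many outgoing links, few returned, among mutual strangers."""
    out, inc = build(edges)
    flagged = []
    for node in sorted(out):
        f = features(node, out, inc)
        if (f["out_degree"] >= min_out and f["reciprocity"] <= max_recip
                and f["target_density"] <= max_density):
            flagged.append(node)
    return flagged
```

On real data the fixed thresholds would be replaced by a classifier trained on labelled profiles, with these features as its inputs.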

5 Conclusion 

In recent years, online social networks have become part of our everyday
life and, on average, most internet users spend more time on online social
networks than on any other online activity. We use online social networks
to interact with other people and to share experiences, pictures, videos,
and other types of information. Nevertheless, online social networks also
have a dark side rife with hackers, fraudsters, online predators, and other
criminals, all capable of using online social networks as a platform for
identifying their next victim. In this survey, we presented different
scenarios which threaten online social network users and can jeopardize
their well-being both in the virtual world and in the real world. In
addition, we provided examples for each one of the presented threats in
order to demonstrate that these threats are real and can endanger every
user. Moreover, we also emphasized the online threats which challenge the
well-being of children and teenagers inside the online social network
cyberspace. In this survey we also presented different studies and solutions
which aim to protect online social network users' privacy and security.
However, the presented solutions are not magical solutions which provide
full protection to a user's privacy and security. Different technologies,
such as using natural language processing (NLP) techniques to verify the
user's age and gender, may increase users' security. However, for the time
being these technologies have not fully matured and, to the best of our
knowledge, have not been implemented.

We therefore recommend that users educate themselves and their loved
ones on threats which can lure users in and potentially end disastrously.
Moreover, as parents, we are obligated to educate our children to be aware
of the various threats and to educate them not to talk to strangers in the
real world or in the cyber world. We urge users to consider which
information they provide about themselves, about their friends, and about
their workplace. If your personal information falls into the wrong hands, it
can cause a vast amount of damage, and in many cases there is no way to turn
the wheel back.

Acknowledgment 

We would like to thank Jennifer Brill for repeated readings and markups
on our grammar and spelling.



References 

[1] A. Acquisti and R. Gross. Imagined Communities: Awareness, Infor- 
mation Sharing, and Privacy on the Facebook. 2006. 

[2] Y. Altshuler, N. Aharony, Y. Elovici, A. Pentland, and M. Cebrian. 
Stealing reality: when criminals become data scientists (or vice versa). 
Security and Privacy in Social Networks, pages 133-151, 2011. 

[3] T. Amin, O. Okhiria, J. Lu, and J. An. Facebook: A comprehensive 
analysis of phishing on a social system. 2010. 

[4] J. Angwin and J. Singer-Vine. Selling you on facebook. The Wall Street
Journal, 2012.

[5] S. Axon. Facebook will add a "panic button" for uk teens. 

[6] J. Baltazar, J. Costoya, and R. Flores. The real face of koobface: The 
largest web 2.0 botnet explained. Trend Micro Threat Research, 2009. 

[7] L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda. All your contacts 
are belong to us: automated identity theft attacks on social networks. 
In Proceedings of the 18th international conference on World wide web, 
pages 551-560. ACM, 2009. 

[8] Y. Boshmaf, I. Muslukhov, K. Beznosov, and M. Ripeanu. The socialbot
network: when bots socialize for fame and money. In Proceedings of the
27th Annual Computer Security Applications Conference, pages 93-102.
ACM, 2011.

[9] Y. Boshmaf, I. Muslukhov, K. Beznosov, and M. Ripeanu. Design and 
analysis of a social botnet. Computer Networks, 2012. 

[10] D. DeBarr and H. Wechsler. Using social network analysis for spam 
detection. Advances in Social Computing, pages 62-69, 2010. 






[11] J. Douceur. The sybil attack. Peer-to-peer Systems, pages 251-260, 
2002. 



[12] A. Elishar, M. Fire, D. Kagan, and Y. Elovici. Organizational intrusion: 
Organization mining using socialbots. ASE International Cyber Security 
Conference, 2012. 

[13] M. Fire, D. Kagan, A. Elishar, and Y. Elovici. Social privacy protector
- protecting users' privacy in social networks. The Second International
Conference on Social Eco-Informatics (SOTICS), 2012.

[14] M. Fire, G. Katz, and Y. Elovici. Strangers intrusion detection-detecting
spammers and fake profiles in social networks based on topology
anomalies. Human Journal, 1(1):26-39, 2012.

[15] M. Fire, G. Katz, L. Rokach, and Y. Elovici. Links reconstruction 
attack. Security and Privacy in Social Networks, pages 181-196. 

[16] M. Fire, R. Puzis, and Y. Elovici. Organization mining using online 
social networks. 2012. 

[17] J. Halliday. Facebook fraud a 'major issue'. Guardian, 2010. 

[18] G. Kontaxis, I. Polakis, S. Ioannidis, and E. Markatos. Detecting social
network profile cloning. In Pervasive Computing and Communications
Workshops (PERCOM Workshops), 2011 IEEE International Conference
on, pages 295-300. IEEE, 2011.

[19] K. Lee, J. Caverlee, and S. Webb. Uncovering social spammers: social
honeypots+ machine learning. In Proceeding of the 33rd international
ACM SIGIR conference on Research and development in information
retrieval, pages 435-442. ACM, 2010.

[20] J. Lewis. How spies used facebook to steal nato chiefs' details. The 
Telegraph, 2012. 

[21] Y. Liu, K. Gummadi, B. Krishnamurthy, and A. Mislove. Analyzing 
facebook privacy settings: User expectations vs. reality. In Proceed- 
ings of the 2011 ACM SIGCOMM conference on Internet measurement 
conference, pages 61-70. ACM, 2011. 

[22] S. Livingstone and L. Haddon. Child safety online: Global challenges 
and strategies. 2011. 

[23] S. Livingstone, L. Haddon, and K. Olafsson. Eu kids online: Final 
report. 2011. 






[24] B. Livshits and W. Cui. Spectator: Detection and containment of 
javascript worms. In USENIX 2008 Annual Technical Conference on 
Annual Technical Conference, pages 335-348. USENIX Association, 
2008. 

[25] R. Lundeen, J. Ou, and T. Rhodes. New ways i'm going to hack your 
web app. 

[26] S. Mahmood and Y. Desmedt. Poster: preliminary analysis of google+'s 
privacy. In Proceedings of the 18th ACM conference on Computer and 
communications security, pages 809-812. ACM, 2011. 

[27] S. Mahmood and Y. Desmedt. Poster: preliminary analysis of google+'s 
privacy. In Proceedings of the 18th ACM conference on Computer and 
communications security, pages 809-812. ACM, 2011. 

[28] R. McMillan. Researchers make wormy twitter attack. CIO, 2009. 

[29] E. Mills. Facebook hit by phishing attacks for a second day. CNET 
News, pages 8301-1009, 2009. 

[30] A. Mislove, B. Viswanath, K. Gummadi, and P. Druschel. You are
who you know: Inferring user profiles in online social networks. In
Proceedings of the third ACM international conference on Web search
and data mining, pages 251-260. ACM, 2010.

[31] M. Moore. Gay men 'can be identified by their facebook friends'. The
Telegraph, 2009.

[32] Nielsen. The social media report,
http://blog.nielsen.com/nielsenwire/social/.

[33] I. Paul. Twitter worm: A closer look at what happened. PCWorld, 
2009. 

[34] M. Rahman, T. Huang, H. Madhyastha, and M. Faloutsos. Efficient 
and scalable socware detection in online social networks. In Proceedings 
of the 21st USENIX conference on Security symposium, pages 32-32. 
USENIX Association, 2012. 

[35] M. Rahman, T. Huang, H. Madhyastha, and M. Faloutsos. Frappe:
Detecting malicious facebook applications. 2012.

[36] T. Stein, E. Chen, and K. Mangla. Facebook immune system. In Pro- 
ceedings of the 4th Workshop on Social Network Systems, SNS, vol- 
ume 11, page 8, 2011. 






[37] G. Stringhini, C. Kruegel, and G. Vigna. Detecting spammers on so- 
cial networks. In Proceedings of the 26th Annual Computer Security 
Applications Conference, pages 1-9. ACM, 2010. 

[38] C. Tucker. Social networks, personalized advertising, and privacy con- 
trols. 2010. 

[39] A. Wang. Don't follow me: Spam detection in twitter. In Security 
and Cryptography (SECRYPT), Proceedings of the 2010 International 
Conference on, pages 1-10. IEEE, 2010. 

[40] J. Wolak, D. Finkelhor, K. Mitchell, and M. Ybarra. Online "predators" 
and their victims. Psychology of Violence, 1:13-35, 2010. 

[41] G. Wondracek, T. Holz, E. Kirda, and C. Kruegel. A practical attack to 
de-anonymize social network users. In Security and Privacy (SP), 2010 
IEEE Symposium on, pages 223-238. IEEE, 2010. 

[42] M. Ybarra and K. Mitchell. How risky are social networking sites? a 
comparison of places online where youth sexual solicitation and harass- 
ment occurs. Pediatrics, 121(2):e350-e357, 2008. 






